vestig 0.2.0

package/dist/utils/sanitize-presets.d.ts

@@ -0,0 +1,54 @@
+import type { SanitizeConfig, SanitizePreset } from '../types';
+/**
+ * Common patterns for detecting sensitive data in strings
+ */
+export declare const COMMON_PATTERNS: {
+    email: {
+        name: string;
+        pattern: RegExp;
+        replacement: (match: string) => string;
+    };
+    creditCard: {
+        name: string;
+        pattern: RegExp;
+        replacement: (match: string) => string;
+    };
+    jwt: {
+        name: string;
+        pattern: RegExp;
+        replacement: string;
+    };
+    ipv4: {
+        name: string;
+        pattern: RegExp;
+        replacement: string;
+    };
+    ipv6: {
+        name: string;
+        pattern: RegExp;
+        replacement: string;
+    };
+    ssn: {
+        name: string;
+        pattern: RegExp;
+        replacement: string;
+    };
+    phone: {
+        name: string;
+        pattern: RegExp;
+        replacement: string;
+    };
+};
+/**
+ * Preset configurations for different compliance requirements
+ */
+export declare const PRESETS: Record<SanitizePreset, SanitizeConfig>;
+/**
+ * Get a preset configuration by name
+ */
+export declare function getPreset(name: SanitizePreset): SanitizeConfig;
+/**
+ * Merge two sanitization configs
+ */
+export declare function mergeConfigs(base: SanitizeConfig, override: Partial<SanitizeConfig>): SanitizeConfig;
+//# sourceMappingURL=sanitize-presets.d.ts.map

package/dist/utils/sanitize-presets.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitize-presets.d.ts","sourceRoot":"","sources":["../../src/utils/sanitize-presets.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAmB,cAAc,EAAE,MAAM,UAAU,CAAA;AAE/E;;GAEG;AACH,eAAO,MAAM,eAAe;;;;6BAIL,MAAM;;;;;6BAUN,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;CA+Bc,CAAA;AAkI3C;;GAEG;AACH,eAAO,MAAM,OAAO,EAAE,MAAM,CAAC,cAAc,EAAE,cAAc,CA6C1D,CAAA;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,cAAc,GAAG,cAAc,CAG9D;AAED;;GAEG;AACH,wBAAgB,YAAY,CAC3B,IAAI,EAAE,cAAc,EACpB,QAAQ,EAAE,OAAO,CAAC,cAAc,CAAC,GAC/B,cAAc,CAQhB"}

package/dist/utils/sanitize-presets.js

@@ -0,0 +1,245 @@
+/**
+ * Common patterns for detecting sensitive data in strings
+ */
+export const COMMON_PATTERNS = {
+    email: {
+        name: 'email',
+        pattern: /([a-zA-Z0-9._%+-]+)@([a-zA-Z0-9.-]+\.[a-zA-Z]{2,})/g,
+        replacement: (match) => {
+            const [local, domain] = match.split('@');
+            if (!local || !domain)
+                return '[EMAIL]';
+            const maskedLocal = `${local.slice(0, 2)}***`;
+            return `${maskedLocal}@${domain}`;
+        },
+    },
+    creditCard: {
+        name: 'creditCard',
+        pattern: /\b\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}\b/g,
+        replacement: (match) => {
+            const digits = match.replace(/[- ]/g, '');
+            return `****${digits.slice(-4)}`;
+        },
+    },
+    jwt: {
+        name: 'jwt',
+        pattern: /eyJ[a-zA-Z0-9_-]*\.eyJ[a-zA-Z0-9_-]*\.[a-zA-Z0-9_-]*/g,
+        replacement: '[JWT_REDACTED]',
+    },
+    ipv4: {
+        name: 'ipv4',
+        pattern: /\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b/g,
+        replacement: '[IP_REDACTED]',
+    },
+    ipv6: {
+        name: 'ipv6',
+        pattern: /(?:[0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}/g,
+        replacement: '[IP_REDACTED]',
+    },
+    ssn: {
+        name: 'ssn',
+        pattern: /\b\d{3}[-]?\d{2}[-]?\d{4}\b/g,
+        replacement: '[SSN_REDACTED]',
+    },
+    phone: {
+        name: 'phone',
+        pattern: /\b(?:\+?1[-.]?)?\(?[0-9]{3}\)?[-.]?[0-9]{3}[-.]?[0-9]{4}\b/g,
+        replacement: '[PHONE_REDACTED]',
+    },
+};
+/**
+ * Field sets for different compliance levels
+ */
+const FIELD_SETS = {
+    minimal: ['password', 'secret', 'token', 'key', 'apikey', 'api_key', 'api-key'],
+    default: [
+        'password',
+        'pass',
+        'pwd',
+        'secret',
+        'token',
+        'api_key',
+        'apikey',
+        'api-key',
+        'access_token',
+        'accesstoken',
+        'refresh_token',
+        'private_key',
+        'privatekey',
+        'credit_card',
+        'creditcard',
+        'card_number',
+        'cvv',
+        'ssn',
+        'social_security',
+        'authorization',
+        'bearer',
+        'session_id',
+        'sessionid',
+        'cookie',
+        'auth',
+    ],
+    gdpr: [
+        // Personal identifiers
+        'name',
+        'first_name',
+        'firstname',
+        'last_name',
+        'lastname',
+        'full_name',
+        'fullname',
+        'email',
+        'phone',
+        'telephone',
+        'mobile',
+        'address',
+        'street',
+        'city',
+        'zip',
+        'postal_code',
+        'country',
+        'birthdate',
+        'birth_date',
+        'date_of_birth',
+        'dob',
+        'age',
+        'gender',
+        'nationality',
+        // Online identifiers
+        'ip',
+        'ip_address',
+        'user_agent',
+        'useragent',
+        'device_id',
+        'deviceid',
+        'mac_address',
+        // Financial
+        'iban',
+        'bank_account',
+        'account_number',
+    ],
+    hipaa: [
+        // PHI (Protected Health Information)
+        'patient_id',
+        'patientid',
+        'medical_record',
+        'mrn',
+        'diagnosis',
+        'condition',
+        'treatment',
+        'medication',
+        'prescription',
+        'insurance_id',
+        'health_plan',
+        'provider',
+        'physician',
+        'doctor',
+        // Biometric
+        'fingerprint',
+        'retina',
+        'voice_print',
+        'dna',
+        // Images
+        'photo',
+        'image',
+        'xray',
+        'mri',
+        'scan',
+    ],
+    pciDss: [
+        // Primary Account Number (PAN)
+        'pan',
+        'card_number',
+        'cardnumber',
+        'credit_card',
+        'creditcard',
+        'debit_card',
+        'card_num',
+        // Cardholder data
+        'cardholder',
+        'card_holder',
+        'expiry',
+        'expiration',
+        'exp_date',
+        'cvv',
+        'cvc',
+        'cvv2',
+        'cvc2',
+        'security_code',
+        'pin',
+        'pin_block',
+        // Track data
+        'track1',
+        'track2',
+        'magnetic_stripe',
+    ],
+};
+/**
+ * Preset configurations for different compliance requirements
+ */
+export const PRESETS = {
+    none: {
+        enabled: false,
+        fields: [],
+        patterns: [],
+    },
+    minimal: {
+        enabled: true,
+        fields: FIELD_SETS.minimal,
+        patterns: [],
+    },
+    default: {
+        enabled: true,
+        fields: FIELD_SETS.default,
+        patterns: [COMMON_PATTERNS.email, COMMON_PATTERNS.creditCard, COMMON_PATTERNS.jwt],
+    },
+    gdpr: {
+        enabled: true,
+        fields: [...FIELD_SETS.default, ...FIELD_SETS.gdpr],
+        patterns: [
+            COMMON_PATTERNS.email,
+            COMMON_PATTERNS.creditCard,
+            COMMON_PATTERNS.jwt,
+            COMMON_PATTERNS.ipv4,
+            COMMON_PATTERNS.ipv6,
+            COMMON_PATTERNS.phone,
+        ],
+    },
+    hipaa: {
+        enabled: true,
+        fields: [...FIELD_SETS.default, ...FIELD_SETS.gdpr, ...FIELD_SETS.hipaa],
+        patterns: [
+            COMMON_PATTERNS.email,
+            COMMON_PATTERNS.creditCard,
+            COMMON_PATTERNS.jwt,
+            COMMON_PATTERNS.ipv4,
+            COMMON_PATTERNS.ssn,
+            COMMON_PATTERNS.phone,
+        ],
+    },
+    'pci-dss': {
+        enabled: true,
+        fields: [...FIELD_SETS.default, ...FIELD_SETS.pciDss],
+        patterns: [COMMON_PATTERNS.creditCard, COMMON_PATTERNS.jwt],
+    },
+};
+/**
+ * Get a preset configuration by name
+ */
+export function getPreset(name) {
+    const preset = PRESETS[name];
+    return preset ?? PRESETS.default;
+}
+/**
+ * Merge two sanitization configs
+ */
+export function mergeConfigs(base, override) {
+    return {
+        enabled: override.enabled ?? base.enabled,
+        fields: override.fields ? [...(base.fields ?? []), ...override.fields] : base.fields,
+        patterns: override.patterns ? [...(base.patterns ?? []), ...override.patterns] : base.patterns,
+        replacement: override.replacement ?? base.replacement,
+        depth: override.depth ?? base.depth,
+    };
+}
+//# sourceMappingURL=sanitize-presets.js.map

package/dist/utils/sanitize-presets.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitize-presets.js","sourceRoot":"","sources":["../../src/utils/sanitize-presets.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG;IAC9B,KAAK,EAAE;QACN,IAAI,EAAE,OAAO;QACb,OAAO,EAAE,qDAAqD;QAC9D,WAAW,EAAE,CAAC,KAAa,EAAE,EAAE;YAC9B,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YACxC,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM;gBAAE,OAAO,SAAS,CAAA;YACvC,MAAM,WAAW,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAA;YAC7C,OAAO,GAAG,WAAW,IAAI,MAAM,EAAE,CAAA;QAClC,CAAC;KACD;IACD,UAAU,EAAE;QACX,IAAI,EAAE,YAAY;QAClB,OAAO,EAAE,0CAA0C;QACnD,WAAW,EAAE,CAAC,KAAa,EAAE,EAAE;YAC9B,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;YACzC,OAAO,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;QACjC,CAAC;KACD;IACD,GAAG,EAAE;QACJ,IAAI,EAAE,KAAK;QACX,OAAO,EAAE,uDAAuD;QAChE,WAAW,EAAE,gBAAgB;KAC7B;IACD,IAAI,EAAE;QACL,IAAI,EAAE,MAAM;QACZ,OAAO,EACN,gGAAgG;QACjG,WAAW,EAAE,eAAe;KAC5B;IACD,IAAI,EAAE;QACL,IAAI,EAAE,MAAM;QACZ,OAAO,EAAE,2CAA2C;QACpD,WAAW,EAAE,eAAe;KAC5B;IACD,GAAG,EAAE;QACJ,IAAI,EAAE,KAAK;QACX,OAAO,EAAE,8BAA8B;QACvC,WAAW,EAAE,gBAAgB;KAC7B;IACD,KAAK,EAAE;QACN,IAAI,EAAE,OAAO;QACb,OAAO,EAAE,6DAA6D;QACtE,WAAW,EAAE,kBAAkB;KAC/B;CACyC,CAAA;AAE3C;;GAEG;AACH,MAAM,UAAU,GAAG;IAClB,OAAO,EAAE,CAAC,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,CAAC;IAC/E,OAAO,EAAE;QACR,UAAU;QACV,MAAM;QACN,KAAK;QACL,QAAQ;QACR,OAAO;QACP,SAAS;QACT,QAAQ;QACR,SAAS;QACT,cAAc;QACd,aAAa;QACb,eAAe;QACf,aAAa;QACb,YAAY;QACZ,aAAa;QACb,YAAY;QACZ,aAAa;QACb,KAAK;QACL,KAAK;QACL,iBAAiB;QACjB,eAAe;QACf,QAAQ;QACR,YAAY;QACZ,WAAW;QACX,QAAQ;QACR,MAAM;KACN;IACD,IAAI,EAAE;QACL,uBAAuB;QACvB,MAAM;QACN,YAAY;QACZ,WAAW;QACX,WAAW;QACX,UAAU;QACV,WAAW;QACX,UAAU;QACV,OAAO;QACP,OAAO;QACP,WAAW;QACX,QAAQ;QACR,SAAS;QACT,QAAQ;QACR,MAAM;QACN,KAAK;QACL,aAAa;QACb,SAAS;QACT,WAAW;QACX,YAAY;QACZ,eAAe;QACf,KAAK;QACL,KAAK;QACL,QAAQ;QACR,aAAa;QACb,qBAAqB;QACrB,IAAI;QACJ,YAAY;QACZ,YAAY;QACZ,WAAW;QACX,WAAW;QACX,UAAU;QACV,aAAa;QACb,YAAY;QACZ,MAAM;QACN,cAAc;QACd,gBAAgB;KAChB;IACD,KAAK,EAAE;QACN,qCAAqC;QACrC,YAAY;QACZ,WAAW;QACX,gBAAgB;QAChB,KAAK;QACL,WAAW;QACX,WAAW;QACX,WAAW;QACX,YAAY;QACZ,cAAc;QACd,cAAc;QACd,aAAa;QACb,UAAU;QACV,WAAW;QACX,QAAQ;QACR,YAAY;QACZ,aAAa;QACb,QAAQ;QACR,aAAa;QACb,KAAK;QACL,SAAS;QACT,OAAO;QACP,OAAO;QACP,MAAM;QACN,KAAK;QACL,MAAM;KACN;IACD,MAAM,EAAE;QACP,+BAA+B;QAC/B,KAAK;QACL,aAAa;QACb,YAAY;QACZ,aAAa;QACb,YAAY;QACZ,YAAY;QACZ,UAAU;QACV,kBAAkB;QAClB,YAAY;QACZ,aAAa;QACb,QAAQ;QACR,YAAY;QACZ,UAAU;QACV,KAAK;QACL,KAAK;QACL,MAAM;QACN,MAAM;QACN,eAAe;QACf,KAAK;QACL,WAAW;QACX,aAAa;QACb,QAAQ;QACR,QAAQ;QACR,iBAAiB;KACjB;CACD,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,OAAO,GAA2C;IAC9D,IAAI,EAAE;QACL,OAAO,EAAE,KAAK;QACd,MAAM,EAAE,EAAE;QACV,QAAQ,EAAE,EAAE;KACZ;IACD,OAAO,EAAE;QACR,OAAO,EAAE,IAAI;QACb,MAAM,EAAE,UAAU,CAAC,OAAO;QAC1B,QAAQ,EAAE,EAAE;KACZ;IACD,OAAO,EAAE;QACR,OAAO,EAAE,IAAI;QACb,MAAM,EAAE,UAAU,CAAC,OAAO;QAC1B,QAAQ,EAAE,CAAC,eAAe,CAAC,KAAK,EAAE,eAAe,CAAC,UAAU,EAAE,eAAe,CAAC,GAAG,CAAC;KAClF;IACD,IAAI,EAAE;QACL,OAAO,EAAE,IAAI;QACb,MAAM,EAAE,CAAC,GAAG,UAAU,CAAC,OAAO,EAAE,GAAG,UAAU,CAAC,IAAI,CAAC;QACnD,QAAQ,EAAE;YACT,eAAe,CAAC,KAAK;YACrB,eAAe,CAAC,UAAU;YAC1B,eAAe,CAAC,GAAG;YACnB,eAAe,CAAC,IAAI;YACpB,eAAe,CAAC,IAAI;YACpB,eAAe,CAAC,KAAK;SACrB;KACD;IACD,KAAK,EAAE;QACN,OAAO,EAAE,IAAI;QACb,MAAM,EAAE,CAAC,GAAG,UAAU,CAAC,OAAO,EAAE,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,UAAU,CAAC,KAAK,CAAC;QACxE,QAAQ,EAAE;YACT,eAAe,CAAC,KAAK;YACrB,eAAe,CAAC,UAAU;YAC1B,eAAe,CAAC,GAAG;YACnB,eAAe,CAAC,IAAI;YACpB,eAAe,CAAC,GAAG;YACnB,eAAe,CAAC,KAAK;SACrB;KACD;IACD,SAAS,EAAE;QACV,OAAO,EAAE,IAAI;QACb,MAAM,EAAE,CAAC,GAAG,UAAU,CAAC,OAAO,EAAE,GAAG,UAAU,CAAC,MAAM,CAAC;QACrD,QAAQ,EAAE,CAAC,eAAe,CAAC,UAAU,EAAE,eAAe,CAAC,GAAG,CAAC;KAC3D;CACD,CAAA;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,IAAoB;IAC7C,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAC5B,OAAO,MAAM,IAAI,OAAO,CAAC,OAAO,CAAA;AACjC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAC3B,IAAoB,EACpB,QAAiC;IAEjC,OAAO;QACN,OAAO,EAAE,QAAQ,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO;QACzC,MAAM,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC,EAAE,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM;QACpF,QAAQ,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC,EAAE,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ;QAC9F,WAAW,EAAE,QAAQ,CAAC,WAAW,IAAI,IAAI,CAAC,WAAW;QACrD,KAAK,EAAE,QAAQ,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK;KACnC,CAAA;AACF,CAAC"}

package/dist/utils/sanitize.d.ts

@@ -0,0 +1,75 @@
+import type { FieldMatcher, SanitizeConfig, SanitizePattern, SanitizePreset } from '../types';
+/**
+ * Configurable sanitizer for PII and sensitive data
+ *
+ * @example
+ * ```typescript
+ * // Using a preset
+ * const sanitizer = Sanitizer.fromPreset('gdpr')
+ * const safe = sanitizer.sanitize({ email: 'user@example.com', password: 'secret' })
+ *
+ * // Custom configuration
+ * const sanitizer = new Sanitizer({
+ *   fields: ['customSecret', { type: 'prefix', value: 'private_' }],
+ *   patterns: [{ name: 'custom', pattern: /secret-\w+/g, replacement: '[SECRET]' }],
+ * })
+ * ```
+ */
+export declare class Sanitizer {
+    private readonly config;
+    private readonly fieldSet;
+    private readonly fieldMatchers;
+    constructor(config?: SanitizeConfig);
+    /**
+     * Create a sanitizer from a preset
+     */
+    static fromPreset(preset: SanitizePreset): Sanitizer;
+    /**
+     * Create a sanitizer by merging a preset with custom config
+     */
+    static fromPresetWithOverrides(preset: SanitizePreset, overrides: Partial<SanitizeConfig>): Sanitizer;
+    /**
+     * Sanitize a value recursively
+     */
+    sanitize<T>(value: T): T;
+    /**
+     * Add a field to sanitize
+     */
+    addField(field: string | FieldMatcher): void;
+    /**
+     * Add a pattern to sanitize
+     */
+    addPattern(pattern: SanitizePattern): void;
+    /**
+     * Check if a field name should be sanitized
+     */
+    private isSensitiveField;
+    /**
+     * Match a field against a FieldMatcher
+     */
+    private matchField;
+    /**
+     * Apply patterns to sanitize a string
+     */
+    private sanitizeString;
+    /**
+     * Recursively sanitize a value
+     */
+    private sanitizeValue;
+    /**
+     * Get the current configuration
+     */
+    getConfig(): Readonly<Required<SanitizeConfig>>;
+}
+/**
+ * Sanitize a value using the default preset
+ * (Backwards compatible function)
+ */
+export declare function sanitize(value: unknown, additionalFields?: string[], depth?: number): unknown;
+/**
+ * Create a sanitizer function with custom fields
+ * (Backwards compatible function)
+ */
+export declare function createSanitizer(additionalFields?: string[]): (value: unknown) => unknown;
+export { COMMON_PATTERNS, getPreset, mergeConfigs, PRESETS } from './sanitize-presets';
+//# sourceMappingURL=sanitize.d.ts.map

package/dist/utils/sanitize.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitize.d.ts","sourceRoot":"","sources":["../../src/utils/sanitize.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,cAAc,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,UAAU,CAAA;AAa7F;;;;;;;;;;;;;;;GAeG;AACH,qBAAa,SAAS;IACrB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA0B;IACjD,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAa;IACtC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAgB;gBAElC,MAAM,GAAE,cAAmB;IAsBvC;;OAEG;IACH,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,cAAc,GAAG,SAAS;IAIpD;;OAEG;IACH,MAAM,CAAC,uBAAuB,CAC7B,MAAM,EAAE,cAAc,EACtB,SAAS,EAAE,OAAO,CAAC,cAAc,CAAC,GAChC,SAAS;IAIZ;;OAEG;IACH,QAAQ,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC;IAKxB;;OAEG;IACH,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,YAAY,GAAG,IAAI;IAS5C;;OAEG;IACH,UAAU,CAAC,OAAO,EAAE,eAAe,GAAG,IAAI;IAI1C;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAcxB;;OAEG;IACH,OAAO,CAAC,UAAU;IAoBlB;;OAEG;IACH,OAAO,CAAC,cAAc;IAetB;;OAEG;IACH,OAAO,CAAC,aAAa;IAiCrB;;OAEG;IACH,SAAS,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;CAG/C;AAKD;;;GAGG;AACH,wBAAgB,QAAQ,CAAC,KAAK,EAAE,OAAO,EAAE,gBAAgB,GAAE,MAAM,EAAO,EAAE,KAAK,SAAI,GAAG,OAAO,CAa5F;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,gBAAgB,GAAE,MAAM,EAAO,GAAG,CAAC,KAAK,EAAE,OAAO,KAAK,OAAO,CAS5F;AAGD,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAA"}

package/dist/utils/sanitize.js

@@ -0,0 +1,216 @@
+import { COMMON_PATTERNS, getPreset, mergeConfigs } from './sanitize-presets';
+/**
+ * Default replacement string
+ */
+const DEFAULT_REPLACEMENT = '[REDACTED]';
+/**
+ * Default maximum recursion depth
+ */
+const DEFAULT_MAX_DEPTH = 10;
+/**
+ * Configurable sanitizer for PII and sensitive data
+ *
+ * @example
+ * ```typescript
+ * // Using a preset
+ * const sanitizer = Sanitizer.fromPreset('gdpr')
+ * const safe = sanitizer.sanitize({ email: 'user@example.com', password: 'secret' })
+ *
+ * // Custom configuration
+ * const sanitizer = new Sanitizer({
+ *   fields: ['customSecret', { type: 'prefix', value: 'private_' }],
+ *   patterns: [{ name: 'custom', pattern: /secret-\w+/g, replacement: '[SECRET]' }],
+ * })
+ * ```
+ */
+export class Sanitizer {
+    config;
+    fieldSet;
+    fieldMatchers;
+    constructor(config = {}) {
+        this.config = {
+            enabled: config.enabled ?? true,
+            fields: config.fields ?? [],
+            patterns: config.patterns ?? [],
+            replacement: config.replacement ?? DEFAULT_REPLACEMENT,
+            depth: config.depth ?? DEFAULT_MAX_DEPTH,
+        };
+        // Separate simple fields from matchers for faster lookup
+        this.fieldSet = new Set();
+        this.fieldMatchers = [];
+        for (const field of this.config.fields) {
+            if (typeof field === 'string') {
+                this.fieldSet.add(field.toLowerCase());
+            }
+            else {
+                this.fieldMatchers.push(field);
+            }
+        }
+    }
+    /**
+     * Create a sanitizer from a preset
+     */
+    static fromPreset(preset) {
+        return new Sanitizer(getPreset(preset));
+    }
+    /**
+     * Create a sanitizer by merging a preset with custom config
+     */
+    static fromPresetWithOverrides(preset, overrides) {
+        return new Sanitizer(mergeConfigs(getPreset(preset), overrides));
+    }
+    /**
+     * Sanitize a value recursively
+     */
+    sanitize(value) {
+        if (!this.config.enabled)
+            return value;
+        return this.sanitizeValue(value, 0);
+    }
+    /**
+     * Add a field to sanitize
+     */
+    addField(field) {
+        this.config.fields.push(field);
+        if (typeof field === 'string') {
+            this.fieldSet.add(field.toLowerCase());
+        }
+        else {
+            this.fieldMatchers.push(field);
+        }
+    }
+    /**
+     * Add a pattern to sanitize
+     */
+    addPattern(pattern) {
+        this.config.patterns.push(pattern);
+    }
+    /**
+     * Check if a field name should be sanitized
+     */
+    isSensitiveField(fieldName) {
+        const lower = fieldName.toLowerCase();
+        // Check simple field set
+        if (this.fieldSet.has(lower))
+            return true;
+        // Check field matchers
+        for (const matcher of this.fieldMatchers) {
+            if (this.matchField(lower, matcher))
+                return true;
+        }
+        return false;
+    }
+    /**
+     * Match a field against a FieldMatcher
+     */
+    matchField(fieldName, matcher) {
+        const value = matcher.caseSensitive ? matcher.value : matcher.value.toLowerCase();
+        const name = matcher.caseSensitive ? fieldName : fieldName.toLowerCase();
+        switch (matcher.type) {
+            case 'exact':
+                return name === value;
+            case 'prefix':
+                return name.startsWith(value);
+            case 'suffix':
+                return name.endsWith(value);
+            case 'contains':
+                return name.includes(value);
+            case 'regex':
+                return new RegExp(matcher.value, matcher.caseSensitive ? '' : 'i').test(fieldName);
+            default:
+                return false;
+        }
+    }
+    /**
+     * Apply patterns to sanitize a string
+     */
+    sanitizeString(value) {
+        let result = value;
+        for (const { pattern, replacement } of this.config.patterns) {
+            const rep = replacement ?? this.config.replacement;
+            if (typeof rep === 'function') {
+                result = result.replace(pattern, rep);
+            }
+            else {
+                result = result.replace(pattern, rep);
+            }
+        }
+        return result;
+    }
+    /**
+     * Recursively sanitize a value
+     */
+    sanitizeValue(value, depth) {
+        if (depth > this.config.depth)
+            return value;
+        // Handle null/undefined
+        if (value === null || value === undefined)
+            return value;
+        // Handle strings
+        if (typeof value === 'string') {
+            return this.sanitizeString(value);
+        }
+        // Handle arrays
+        if (Array.isArray(value)) {
+            return value.map((item) => this.sanitizeValue(item, depth + 1));
+        }
+        // Handle objects
+        if (typeof value === 'object') {
+            const result = {};
+            for (const [key, val] of Object.entries(value)) {
+                if (this.isSensitiveField(key)) {
+                    result[key] = this.config.replacement;
+                }
+                else {
+                    result[key] = this.sanitizeValue(val, depth + 1);
+                }
+            }
+            return result;
+        }
+        // Return primitives as-is
+        return value;
+    }
+    /**
+     * Get the current configuration
+     */
+    getConfig() {
+        return this.config;
+    }
+}
+// Default sanitizer instance using 'default' preset
+const defaultSanitizer = Sanitizer.fromPreset('default');
+/**
+ * Sanitize a value using the default preset
+ * (Backwards compatible function)
+ */
+export function sanitize(value, additionalFields = [], depth = 0) {
+    if (additionalFields.length > 0) {
+        // Create custom sanitizer with additional fields
+        // Use 'contains' matcher for backwards compatibility (old behavior used includes())
+        const sanitizer = Sanitizer.fromPresetWithOverrides('default', {
+            fields: additionalFields.map((field) => ({
+                type: 'contains',
+                value: field,
+            })),
+        });
+        return sanitizer.sanitize(value);
+    }
+    return defaultSanitizer.sanitize(value);
+}
+/**
+ * Create a sanitizer function with custom fields
+ * (Backwards compatible function)
+ */
+export function createSanitizer(additionalFields = []) {
+    const sanitizer = Sanitizer.fromPresetWithOverrides('default', {
+        // Use 'contains' matcher for backwards compatibility
+        fields: additionalFields.map((field) => ({
+            type: 'contains',
+            value: field,
+        })),
+    });
+    return (value) => sanitizer.sanitize(value);
+}
+// Re-export presets and patterns for convenience
+export { COMMON_PATTERNS, getPreset, mergeConfigs, PRESETS } from './sanitize-presets';
+//# sourceMappingURL=sanitize.js.map

package/dist/utils/sanitize.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitize.js","sourceRoot":"","sources":["../../src/utils/sanitize.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAE7E;;GAEG;AACH,MAAM,mBAAmB,GAAG,YAAY,CAAA;AAExC;;GAEG;AACH,MAAM,iBAAiB,GAAG,EAAE,CAAA;AAE5B;;;;;;;;;;;;;;;GAeG;AACH,MAAM,OAAO,SAAS;IACJ,MAAM,CAA0B;IAChC,QAAQ,CAAa;IACrB,aAAa,CAAgB;IAE9C,YAAY,SAAyB,EAAE;QACtC,IAAI,CAAC,MAAM,GAAG;YACb,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,IAAI;YAC/B,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,EAAE;YAC3B,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,EAAE;YAC/B,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,mBAAmB;YACtD,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,iBAAiB;SACxC,CAAA;QAED,yDAAyD;QACzD,IAAI,CAAC,QAAQ,GAAG,IAAI,GAAG,EAAU,CAAA;QACjC,IAAI,CAAC,aAAa,GAAG,EAAE,CAAA;QAEvB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACxC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC/B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAA;YACvC,CAAC;iBAAM,CAAC;gBACP,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAC/B,CAAC;QACF,CAAC;IACF,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,UAAU,CAAC,MAAsB;QACvC,OAAO,IAAI,SAAS,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAA;IACxC,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,uBAAuB,CAC7B,MAAsB,EACtB,SAAkC;QAElC,OAAO,IAAI,SAAS,CAAC,YAAY,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,SAAS,CAAC,CAAC,CAAA;IACjE,CAAC;IAED;;OAEG;IACH,QAAQ,CAAI,KAAQ;QACnB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO;YAAE,OAAO,KAAK,CAAA;QACtC,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC,CAAM,CAAA;IACzC,CAAC;IAED;;OAEG;IACH,QAAQ,CAAC,KAA4B;QACpC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAC9B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC/B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAA;QACvC,CAAC;aAAM,CAAC;YACP,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAC/B,CAAC;IACF,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,OAAwB;QAClC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACnC,CAAC;IAED;;OAEG;IACK,gBAAgB,CAAC,SAAiB;QACzC,MAAM,KAAK,GAAG,SAAS,CAAC,WAAW,EAAE,CAAA;QAErC,yBAAyB;QACzB,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC;YAAE,OAAO,IAAI,CAAA;QAEzC,uBAAuB;QACvB,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YAC1C,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,OAAO,CAAC;gBAAE,OAAO,IAAI,CAAA;QACjD,CAAC;QAED,OAAO,KAAK,CAAA;IACb,CAAC;IAED;;OAEG;IACK,UAAU,CAAC,SAAiB,EAAE,OAAqB;QAC1D,MAAM,KAAK,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,WAAW,EAAE,CAAA;QACjF,MAAM,IAAI,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,WAAW,EAAE,CAAA;QAExE,QAAQ,OAAO,CAAC,IAAI,EAAE,CAAC;YACtB,KAAK,OAAO;gBACX,OAAO,IAAI,KAAK,KAAK,CAAA;YACtB,KAAK,QAAQ;gBACZ,OAAO,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;YAC9B,KAAK,QAAQ;gBACZ,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;YAC5B,KAAK,UAAU;gBACd,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;YAC5B,KAAK,OAAO;gBACX,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;YACnF;gBACC,OAAO,KAAK,CAAA;QACd,CAAC;IACF,CAAC;IAED;;OAEG;IACK,cAAc,CAAC,KAAa;QACnC,IAAI,MAAM,GAAG,KAAK,CAAA;QAElB,KAAK,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC7D,MAAM,GAAG,GAAG,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,CAAA;YAClD,IAAI,OAAO,GAAG,KAAK,UAAU,EAAE,CAAC;gBAC/B,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;YACtC,CAAC;iBAAM,CAAC;gBACP,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;YACtC,CAAC;QACF,CAAC;QAED,OAAO,MAAM,CAAA;IACd,CAAC;IAED;;OAEG;IACK,aAAa,CAAC,KAAc,EAAE,KAAa;QAClD,IAAI,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK;YAAE,OAAO,KAAK,CAAA;QAE3C,wBAAwB;QACxB,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS;YAAE,OAAO,KAAK,CAAA;QAEvD,iBAAiB;QACjB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC/B,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAA;QAClC,CAAC;QAED,gBAAgB;QAChB,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1B,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAA;QAChE,CAAC;QAED,iBAAiB;QACjB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC/B,MAAM,MAAM,GAA4B,EAAE,CAAA;YAC1C,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBAChD,IAAI,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC;oBAChC,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAA;gBACtC,CAAC;qBAAM,CAAC;oBACP,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,KAAK,GAAG,CAAC,CAAC,CAAA;gBACjD,CAAC;YACF,CAAC;YACD,OAAO,MAAM,CAAA;QACd,CAAC;QAED,0BAA0B;QAC1B,OAAO,KAAK,CAAA;IACb,CAAC;IAED;;OAEG;IACH,SAAS;QACR,OAAO,IAAI,CAAC,MAAM,CAAA;IACnB,CAAC;CACD;AAED,oDAAoD;AACpD,MAAM,gBAAgB,GAAG,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;AAExD;;;GAGG;AACH,MAAM,UAAU,QAAQ,CAAC,KAAc,EAAE,mBAA6B,EAAE,EAAE,KAAK,GAAG,CAAC;IAClF,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,iDAAiD;QACjD,oFAAoF;QACpF,MAAM,SAAS,GAAG,SAAS,CAAC,uBAAuB,CAAC,SAAS,EAAE;YAC9D,MAAM,EAAE,gBAAgB,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;gBACxC,IAAI,EAAE,UAAmB;gBACzB,KAAK,EAAE,KAAK;aACZ,CAAC,CAAC;SACH,CAAC,CAAA;QACF,OAAO,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IACjC,CAAC;IACD,OAAO,gBAAgB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;AACxC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,mBAA6B,EAAE;IAC9D,MAAM,SAAS,GAAG,SAAS,CAAC,uBAAuB,CAAC,SAAS,EAAE;QAC9D,qDAAqD;QACrD,MAAM,EAAE,gBAAgB,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YACxC,IAAI,EAAE,UAAmB;YACzB,KAAK,EAAE,KAAK;SACZ,CAAC,CAAC;KACH,CAAC,CAAA;IACF,OAAO,CAAC,KAAc,EAAE,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;AACrD,CAAC;AAED,iDAAiD;AACjD,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAA"}